Also  inside:  Private  Clouds  on  Mainframes?  |  YouTube  for  the  Enterprise 


COMPVIBiWOlILD 


Peer  Perspective.  IT  Leadership.  Business  Results. 


Should  CIOs  Have  a 


Businesses  need 
contingency  plans 

for  political  uprisings, 
terrorist  attacks  and 
natural  disasters 
around  the  world. 


II 


COMPUTERWORLD 


THIS  ISSUE  I  07.18.2011  [ 


COVER  STORY 

Should  CIOs  Have  a 
Foreign  Policy? 

J4  It'S  a  good  idea  to  monitor  risks  around  the  world,  such  as  political  unrest  and  natural  disasters,  and 
develop  contingency  plans  to  keep  employees  safe  and  ensure  that  your  business  stays  up  and  running. 


HeadsUp 


BUSINESS  CONTINUITY 

Golovanov  and  Stewart  said  TDL-4 

Data  Centers  Survived  Japan’s  Quake 

tough  to  detect,  delete,  suppress  or 
eradicate. 

m-4  infects  the  master  boot 

NArr  CONSTRUCTION  and  good 

earthquake  that  rocked  the  country 
in  March,  a  lapanese  data  center  execu¬ 

Son;e  data  centers  also  have  floor-level  and 
rack-levd  isolators,  Yamanaka  said,  and  all 
server  racks  ate  secured  firmly  to  the  floor. 

“I  see  some  U.S.  data  centers  with  tacks  just 
sitting  on  the  floor,  and  you  don’t  see  that  in 

record  of  the  PC  with  a  rootkit, 
which  makes  it  invisible  to  both 
the  operating  system  and  security 
software  designed  to  sniff  out  ma¬ 
licious  code. 

tive  said  last  late  month  at  the  Datacenter- 
Dynamics  conference  in  San  Francisco. 

Japan,”  he  said. 

The  shock  absorbers  ate  most  efective  at 
the  hiiildinff  level.  Yamanaka  said. 

What  makes  the  botnet  indestruc¬ 
tible  is  the  combination  of  its  ad¬ 
vanced  encrvotion 

blackouts  and  shortages  of  generatin' fuel, 
but  none  of  Japan’s  dau  centers  was  severely 

and  some  of  those  at  the  radt  level  and  the  use  of  a 

did  not  work  during  the  earth-  public  peer-to-peer 

damaged  or  knocked  offline  by  the  disaster, 
said  Atsushi  Yamanaka,  a  general  manager 
at  IDC  Frontier,  which  operates  data  centers 
for  Yahoo  Japan  and  other  clients. 

Modem  centers  in  Japan  are  buih  on 

quake.  Nevertheless,  be  said,  only 

five  serw  racks  were  critically  damaged  in 

all  of  Japan**  data  centers. 

Disaster  recovery  plans  generally  went 
smoothly.  Where  power  was  cut  oCE,  unin- 

network  tor  tne 

instructions  issued  to  the  malware 
by  command-and-control  servers. 

■The  way  peer-to-peer  is  used  for 
TOL-4  will  make  it  extremely  hard 
to  take  down  this  txKnet,”  sakJ  Roel 

from  metal  and  rubber  on  which  buildings 
‘‘float'  while  the  ground  beneath  shakes 
from  side  to  side. 

2C0.R.TE....L.  >UlVt..2ai> 

kicked  in,  and  companies  were  quick  to 
order  mote  fuel,  Yamanaka  said. 

-  James  Nionliii.  IDG  News  Service 

Schouwenberg,  senior  malware 
researcher  at  Kaspersky. 

THE  PROBLEM:  YOUR  BUSINESS  IS 
GROWING  FASTER  THAN  THE  SPEED  OF  T1s. 

THE  SOLUTION:  COMCAST  METRO  ETHERNET 


Comcast  Metro  Ethernet  does  what  legacy  technologies  like  T1  can’t.  It’s  completely  scalable,  allowing  you  to  quickly  and  easily 
double  your  bandwidth  without  doubling  your  costs.  So  your  total  cost  of  ownership  is  iower  and  your  budget  goes  further. 
And  the  private  network  is  operated  by  Comcast  from  the  first  mite  to  the  last,  giving  your  business  reliabiiity,  security,  and 
faster  speed.  Comcast  Metro  Ethernet  is  the  choice  of  companies  that  reaiize  outdated  technology  just  can’t  compare  to 
Comcast’s  Ethernet  solution. 


n  all  areas.  Cal  for  (totals.  Comcast  O  201 1 .  Al  rights  reserved. 


gomcast. 

BUSINESS  CLASS 


Restrictions  apply.  Not  avalable  i 


jnWifP’ 


18f1  DUAL  HOSTING 


TUC  MCW  CTAMHAPn  IM 

lA/PR  uncTiMr: 


No  other  web  host  offers 
more  expertise,  know¬ 
how  and  quality  service 
than  INI. 

Double  Security: 


% 


Mghtedi  data  center! 

^  High-speed 
Global  Netvwork: 

210  GBiVs  Connectivity 

Enviromnciitally 

RcsponsMc: 

100%  RenevaUe  Energy 

^SoMTadmical 


SUMMER  SPECIAL:  1&1  DUAL  ADVANCED  PACKAGE 

1  YEAR  FREE! 


■  SOO  E-mail  Accounts 


■  150  GB  Web  Space 

■  DNS  Management 

■  so  FTP  Accounts 

■  1&1  SiteAnaiytics 


■  ASP,  .NET,  AJAX,  UNO,  PHPS,  Peri,  SSI 

■  S  Microsoft*  SQL  Databases 

■  Mobile  Website  Optimization  Software 

■  24/7  Toll-free  Customer  Support 


Need  more  domains? 

.com  with  FREE  Private  Registration  just  $4.99?first  year.* 


□ 


1-877-GO-1AND1 

1-855-CA-1AND1 


www.1and1,com 

www.1and1,ca 


1&1 


Cloud  Cures  Hospital’s 
Ailing  Email  System 

After  years  of  almost  weekly  email  system  disruptions, 
Grady  Health  finds  stability  in  the  cloud.  By  Sharon  Gaudin 


better  tadde  IT  priorities. 

Candlla  said  she  decided 
to  use  a  cloud-based  email 
system  because  the  IT  de- 
oartment  lacked  the  in-house 


ariouslocations.Thedeci- 
ion  was  made  only  after  she 
vas  convinced  that  the  cloud 
nuld  meet  Grady’s  security 


Grady  ultimately  chose  Microsoft’s 
Exchange  Online  email  service  from 
among  three  options  and  began  a  six-month 
impletnentation  process  last  suimner. 

Cancilla  wouldn’t  say  what  the  hospital 
is  paying  per  seat  for  Exchange  Online, 
but  she  did  note  that  the  overall  annual 
cost  is  a  “fraction’’  of  the  $200,000  spent 
running  GioupWise.  Moving  to  the  cloud 
also  allowed  Grady  to  avoid  spending  mote 


VHEHOCMIECJUICILUitookchatgeofthelT 
%  jk  /  operation  at  Grady  Health  System,  which  oper- 

ates  one  of  the  lar^  public  hospitals  in  the  U.S., 

■f  Wr  she  inherited  an  email  system  that  had  become  a 

T  V  nightmare  for  doctors,  nurses  and  administrators. 

“We  clearly  are  saving  every  day  bee 
expenses  associated  with  our  dd  insta 
Since  the  system  was  installed  more 
there’s  been  one  relatively  brief  service 
Rob  Enderle,  an  analyst  at  Enderle  C 

ause  we  don  t  have  the 
lility,”  she  added, 
than  six  months  ago, 
disruption. 

roup,  said  the  hospital 

downtime.  Grady’s  aging  Novell  GroupWise  email  system  was 
averaging  an  outage  per  week. 

At  the  time,  in  2008,  Grady  was  fixang  severe  budget  proUems, 

materials  needed  to  fuDy  fix  an  email  system 
that  oost  some  $200y000  annually  to  operate. 

cloud-based  system.  “TTiete  are  compa 
00  GroupWise,  which  likely  contribute 
it,”  he  said.  “Migrating  email  systems  i 
this  dass  ate  natural  for  cloud  services 
ButDanOids,ai 
Consulting  Group, 

ratively  few  folks  trainee 
d  to  [Grady’s]  issues  with 
s  a  nightmare.  Products  i 

n  analyst  at  Gabriel 
questioned  whether  a 

“For  almost  10  years,  this  organizat 
no  funding,  so  they  had  learned  to  Im 
what  they  had,’ she  said.  “’The  servers 
stable. ’T^  filters  weren’t  working  cor 
We  bad  configuratkm  problems.  We  h 


cloud-based  system  is  best  for  a  large  health- 

For  almost 

10  years, 

this  organization  had 
no  funding, 

cate  provider.  “Tm  not  wild  about  important 

organizations  like  heahbeare  firms  moving 

wholesale  to  the  cloud,'  he  said. 

“Health  records  are  highly  sensitive,” 

Olds  added.  “If  they’re  expo^  or  lost  or 
damaged,  it’s  not  only  a  very  bad  thing  for 
the  organization’s  reputation,  it  could  also 
open  them  up  to  regulatory  fines  and 
other  sanctions.”  ♦ 

:  ’  because  the  project 
was  apparently  tainted  by  fraud 
and  kickback  schemes. 


Vf 


(If 


NYC  Seek  $600M 
Refund  for  IT  Work 


Mayer  Sloamberg  says  SAIC  should  reimburse  the 
city  for  a  payroll  system  project  tainted  by  fraud 
and  kickback  allegations.  By  Chris  Kanaracus 


activities  are  extremely  troubling  and  raise  questions 
about  SAlCs  coipoiate  responsibility  and  internal 
controls  to  prevent  and  combat  fraud.” 

While  Bloomberg  acknowledged  in  his  letter  that 
New  York  has  “received  a  woifcing  system  that  will 
advance  our  managemern  ability,' he  added  that 
“because  the  project  was  apparently  taiffled  by  fraud 
and  kickback  schemes,  the  city  must  be  made  whole.” 

Bloomberg  said  that  SAIC  must  pay  roughly 
$600  million  in  compensation  for  the  project  and  that  it 
should  reimburse  the  city  for  “the  cost  of  investigating 


TechnoDyne  couldn't  be  reached  for  comment. 

SAIC  systems  engineer  Carl  Bell,  who  designed 
the  payroll  software,  has  pleaded  guilty  to  multiple 
charges  in  conneetkm  with  the  project  and  has  agreed 
to  cooperate  with  imestigators. 

Federal  investigators  also  alleged  that  SAIC  had 
received  whistleblower  complaints  about  the  prefect 
as  far  back  as  2005.  Accordi^  to  Bloomberg,  “It  is 


CITING  ALLEGED  “fraud  and  kickback  schemes,”  New  York 
Mayor  Michael  Bloomberg  is  demanding  that  systems 
integrator  SAIC  pay  the  dty  more  than  $600  million  in 
reimbutsements  for  a  troubled  IT  prr^. 

In  2003,  New  York  awarded  SAIC  a  $63  million 
contract  to  modernize  the  municipal  payroll  system.  Over  the 
next  several  years,  the  cost  of  the  project  swelled  almost  tenfold 
as  work  on  the  so-called  CityTime  system  stumbled  along. 

The  problems  prompted  a  sweeping  federal  probe  that  led  to  the 
indictments  earlier  this  year  of  SAIC  employees  and  contractors  in 

In  a  letter  sent  late  last  month  to  SAIC  CEO  Waker  Havenstein, 


II  In  a  statement.  SAIC  said  that  it  “understands  and 

shares  the  outrage  expressed  by  the  city  at  the  fraud 
alleged  on  the  part  of  former  employees  and  subcon- 

.  tractors.  These  actions  are  an  afent  to  everything 

we  stand  for  as  a  company.” 

SAIC  added  that  k’s  “ready  to  disarss  appropriate  resolution  of  this 
matter,  consideTing  the  breadth  of  the  baud  alleged  and  the  fact  that 
SAIC  delivered  a  system  that  the  dty  said  this  week  is  woiking  well.” 

Michael  Krigsman,  CEO  of  IT  consulting  6rm  Asuret,  agreed 
that  the  dty  should  pursue  legal  options  to  recover  the  money  it 
lost  due  to  fraud,  but  he  added  that  the  project  “likely  suffers  from 

diffa^  to  establish  dear  audit  trails  of  legal  liability.” 

Some  163,000  workers  now  use  the  CityTime  system,  com¬ 
pared  with  73,000  in  September  2010,  according  to  the  New 
York  City  comptroller’s  office.  ♦ 

KaitaraoM  is  a  reporter  the  IDG  News  Service. 


7 


cierge 

included 


THE  HP  ELITE  SERIES  Premium  service  and  support,  only  available  for  the  HP 
Elite  Series.  With  fast  call  response  and  resolution,  it  goes  above  and  beyond 
anything  you've  ever  experienced.  More  secure,  manageable  and  responsive  with 
the  2nd  gen  Intel'  Core'”  i7  vPro'“  processor,  it  all  adds  up  to  make  HP  Elite  "elite." 

hp.com/Elite 


Everybody  On 


What’S  the  most  Inteicstint 
thing  peopio  don’t  know  about 
you7  That  1  was  a  biology  major 
in  college  and  have  remained 
interested  in  how  iiving  systems 
evoive  and  how  peopie  are  wired. 

What  now  place  would  you  like 
to  visit?  Polynesia.  It  looks  like 
an  intimate  version  of  Hawaii. 

-  A  Am  EXPERIENCE,  the  best 

:  W  1  creative  ulorh  is  never  done  when 

1  one  is  unhappy.” 

■  So  said  Albert  Einstein,  whom 

franfe  Wander,  aO  and  senior  vice 
president  at  Guordian  Li/e  Insurance 
in  New  York,  likes  to  quote  when 
talking  about  his  unique  opproach  to 
runnirig  a  successful  IT  organization. 

Too  many  IT  deportments  are  run  like 

Frank  Wander 

What’s  the  best  piece  of  advice 
you’ve  ever  gotten?  When  your 
boss  asks  you  tor  something,  say. 
"No  problem.  When  would  you 

the  emphosis  on  equipment  rather  than 
on  people,  who  are  largely  regarded 
as  intercharigeable  parts.  In  contrast. 

Wander,  a  biologist  by  training,  is  a 

Create  a  relaxed 
environment  and  watch 

commitment  (exercising  moral 
and  ethical  judgment,  of  course). 

nections  between  IT  productivity  and 
innovation  ond  working  in  a  relaxed, 
stress-/Tee  and  collaborative  environ¬ 

IT  people  excel,  says 
Guardian’s  CIO. 

superpoww,  what  would  it  be? 

1  would  love  to  be  able  to  fly. 

ment.  Wander  is  currently  writing  a 
book  on  the  subject,  which  he  has  ten¬ 
tatively  titled  Professional  Intimacy. 

Continued  on  page  12 

10  COlirUTERWOlLD  JULY  18,  2011 

— — . 

Congratulations! 

Wyse  is  proud  to  be  the  Global  Vision  Sponsor  of  the  2011  Computerworld 


Honors  Program  and  congratulate  this  years  Class  of  Honors  Laureates! 


WYSE  I 


•IO(;VtattMdeErtBpiB«CII«nlDw»»Tiic^  TaonotivnoteEnletimwCaert 


THE  GRILL  I  FRANK  WANDER 


Contmued  from  pagt  10 


innovation.  People  didn't  invent  anything  while  they 
were  under  stress. 


WiMt  li  “prolml—il  tntiiMCir?  In  its  siniplest  form, 
professional  intiinacy  is  understanding  all  cd  the  differ¬ 
ent  competencies  and  knowledge  that  define  produc¬ 
tivity  in  IT  —  whether  it’s  an  individual  doing  his  job, 
a  team  of  folks,  or  the  intimate  understanding  of  a 


ItMl  fram  a  byiMM  tn.  Hov  do  vMi  thhrii  IT  ihauld 

™«I7  The  better  approach  is  to  actually  understand 
that  it  is  teams  of  people  with  intimate  knowledge 
in  many  areas  working  together  that  end  up  creating 
value.  “ItMhistrial  baggage”  refers  to  what  used  to 
matter  most  —  investment  in  capital  equipment  and 
the  processes  of  the  efficiency  movement  4  la  Freder¬ 
ick  Taylor.  Back  then,  people  were  incidental  Now, 
we’re  65  years  into  the  information  economy.  What 
is  most  expensive  is  not  the  capital  equipment,  but 


How  dots  dlls  onrk  It  CoardfauiT  Guardian  runs 
consistently  in  the  90s  —  usually  94%  on  time,  on 
budget  [with  IT  projects],  and  we  have  a  very  tough, 
aggressive  development  agenda.  What  we’ve  created 
is  an  environment  I  call  a  collaborative  social  system. 
We  bitild  all  the  core  competencies  that  people  need 
to  do  their  jobs.  We  hire  ^xxl  talent,  and  we  make 
sure  the  cohesive  environment  is  one  where  people 
can  absolutely  excel.  That’s  the  recipe  for  great  IT. 

Whtro  do  yoo  start?  You’ve  got  to  make  coUabotation 
an  absolutely  cote  vahre  and  a  cote  competeiKy  of 
the  organization.  There  will  be  people  who  do  not  fit 
into  the  social  or  work  environment  you’re  creating.  I 
call  them  socially  corrosive  individuals.  A  team-based 
environment  with  a  high  degree  of  socialization  is 
not  suitable  for  them.  You  can  either  design  a  role  for 
them  or  they  find  someplace  else  to  go  work. 


U  It  drives  me  crazy  that  ¥ve  spend  all  day  monitoring  a  $5,000 

server,  but  we  have  people  with  10  years’  experience  making  $150,000 
to  $200,000  a  year.  Are  they  operating  optimally?  Does  anyone 
care?  I  do.  I  want  them  operating  at  their  absolute  peak. 


the  people  themselves.  The  better  approach  has  got  to 
be  an  unrelenting  focus  on  people  and  how  to  make 
them  productive. 

Peter  Drucket  says  we  must  do  for  knowledge  work 
what  we  did  for  manual  work  in  the  zoth  century. 

I  came  to  understand  this  having  done  many  IT 
turnarounds. 


TM  iM  non  about  Hilt  The  most  fundamental  and 
missing  ingredient  was  trust  There  was  a  breakdown 
in  the  social  cohesion  of  the  group.  Insteadof  focus¬ 
ing  on  mistakes,  you’ve  got  to  focus  on  the  message 
that  mistakes  ate  OK,  but  repeated  mistakes  are  not 
The  challenge  is  how  to  create  an  environment 
where  people  are  ndaxed  and  trusting. 


amiwdooialnbottnatuHrtlbotlHlTdopaft- 
miltl?  It  manifests  in  very  low  rates  of  IT  prqect 
success.  Gartner  just  came  out  with  IT  metrics  dab 
from  2010.  In  the  insurance  industry,  $2%  of  IT  proj¬ 
ects  are  completed  on  time  and  $4%  are  completed 
on  budget.  If  you  create  an  environment  where  you 
remove  the  stressors  and  where  peofde  can  relax,  you 
enhance  the  degree  of  cohesion  among  the  team  so 
they’re  freed  up  to  do  cognitive  work.  It’s  then  that 
you  get  a  high  degree  of  ddivery.  People  who  are  in¬ 
credibly  relaxed  get  into  flow  and  create  an  incredible 
amount.  That’s  where  the  breakthroughs  over  time 
have  come  from.  I  think  this  is  absolutely  linked  to 


H««r  do  you  MfoHfv  UWM  people?  I  ask  people  to 
tell  me  about  the  last  three  times  they  h^  a  conflict 
and  what  they  did  about  it.  People  are  very  revealing. 
I  ask  them  what  they  think  are  the  underpinnings 
of  success  in  IT.  The  ri^t  people  are  those  who 
understand  that  you  need  collaboration,  mutual  trust 
and  acceptance  for  others’  ideas  and  opinions.  That 
said,  I  drai’t  always  hire  perfectly,  because  it’s  a  bit  of 
anart.  But  most  people  want  to  work  in  an  environ¬ 
ment  that’s  collaboriive,  because  people  are  social 
animals.  At  their  essence,  humans  do  know  how  to 
combine  into  groups.  Most  peoplewant  to  be  in  an 
environment  that’s  trust-based.  It’s  a  very  healthy 


And  Uwn  what,  aftir  TN  Mrt  sodHly  orlaMwl 
taitnt?  You  have  to  have  an  organuational  design 
that  very  much  encourages  (»  creates  an  environment 
where  there  is  a  high  degree  of  collaboration  and 
teamwork.  At  Guardian,  we  have  IT  embedded  in  the 
business.  They’re  collaborating  in  two  directions.  The 
business  sees  them  as  on  their  team,  not  as  IT.  They 
see  the  stuff  that  [IT|  people  are  working  on  as  their 
business.  At  the  same  time,  we  have  cross-functional 
collaboration,  so  IT  is  vertically  collaborating  with 


Organizational  design  is  incredibly  important. 


—Interview  by  JuUa  Klag 


12  cowpyTtawoaiD 


OPINION 


Is  Every  Worker  a  Knight? 


Just about 
anyone  of 
reasonable 
means and 
modest 
tedinologkal 
acumen  on  go 
toaBestBuy 
anddiM 
suit  up. 


WHEN  I  WAS  A  CHILD,  my  parents  pericxlically  draped  me  to 
the  Cleveland  Museum  of  Art  in  the  vain  hope  that  I  would  be¬ 
came  cultured.  My  favorite  memories  of  those  trips  are  <rf  the 
Armor  Court  I  spent  hours  wandering  the  installations,  exam¬ 
ining  the  swords,  helmets  and  breastplates  worn  by  the  kni^ts  of  old. 

At  first  I  sinq)iy{Diuid  the  suits  of  annor  cool,  ]ust  about  anyone  cfieasooable  means  and  modest 

but  I  came  to  see  that  they  embodied  the  social.  technological  acumen  can  go  to  a  Best  Buy  and 

political,  economic  and  technical  realities  of  their  digitally  suit  up.  This  has  given  rise  to  ITs  crisis  du 

age.  Today,  the  d^ital  devices  we  gild  ourselves  jour  —  consumerizatioo. 

with  siniiiariy  define  the  realities  of  ccoten^rorary  TbespacesuitcouldbeviewedasbeingsotDe- 

existence.  Might  the  firrces  impacting  the  heroes  what  consumerized,  since  its  21  layers  of  material 

vdro  inhabited  the  literal  suits  of  armor  have  lessrxis  were  prtxiuced  by  Playtex.  But  consumerizatioo  is 

ibr  those  who  inhabit  today's  digital  srrits  of  armor?  mucbrtKiresignificantforlT.EnterpriselTcbief- 

Medieval  society  revolved  around  the  kn^bt.  1  tainsarebesiegedwithdemandstoeithertepli- 

recall  that  Janies  Burke,  the  British  prdymath  who  cate  or  propagate  the  features,  functioos  and  “cool 

created  and  hosted  the  vvildly  successful  Connections  fcictor"  of  digital  devices  created  for  the  consumer, 

television  series,  explained  how  the  introduction  of  Tom  Davenport  holds  the  president’s  chair  in  IT 

the  stirrup  via  Afghanistan  to  Europe  led  to  mounted  and  managemetrt  at  Bahson  College.  In  a  must- 

knights,  whose  military  successes  led  to  a  desire  for  read  article  in  McfCinsey  Quorterly,  he  questions 

bigger  horses,  rvfaich  led  to  a  form  of  agricuhure  the  sagacity  of  adopting  a  laissez4aite  strategy  to 

suited  to  breeding  bigger  horses,  wdiich  required  provisioning  the  technology  for  next-generation 

dukes  to  oversee  an  extended  agrknltutal  enterprise,  knowledge  wrakers.  Davenport  labels  the  norm  of 

whidi  all  evolved  into  the  fitudal  system.  In  medieval  knowledge  worker  techno!^  provisioning  “the 
times,  decisions  about  who  got  to  wear  the  drining  free-access  model,”  and  he  analyzes  it  this  way: 

armor,  how  the  armor  was  to  be  worn  and  used,  and  “The  most  common  approach,  giviiigknciwletjge 

who  had  to  dean  iqi  after  the  animals,  cut  the  wood  workersfireeaccesstoawidevarieCycftoolsandin' 

or  stoke  the  fires  associated  with  making  metal  suits  formatioo  resources,  presumes  that  these  employees 

■  ‘  ~  will  determine  their  own  work  processes  and  needs. 

“In  the  fiee-access  model,  the  presumption  is  that 

tioa  is  available  and  can  search  for  and  manage  it 
themselves.  It's  also  assumed  that  they  have  the 

watching  pornograpliy.  sports,  or  funny  YouTbfae 
videos  at  work.  Of  course,  these  assumptians  may 


The  New  Know: 
Innovation  Powered  by 
Analytics  and  executive 


horses  and  weapons  was  quite  significant  An  entite  “In  the  fiee-access  model,  the  presumption  is  that 

economy  had  to  be  created  to  get  the  knight  up  on  knowledgewotkets,asexperts,knowwhatinfixina- 

horseback  and  ready  fiir  combat  tion  is  available  and  can  search  for  and  manage  it 

Space  Age  suits  of  armor  — what  motlem'day  as-  themselves.  It's  also  assumed  that  they  have  the 

tronauts  wear  for  extravehicular  activity  — sitnilarly  discqiline  to  avoid  wasting  time  surfing  the  Wtb  or 

required  a  restructuring  of  society.  Getting  us  to  the  watriing  pornography,  sports,  or  funny  YouHibe 

moon  involved  coordinating  the  effiirts  of  300,000  videos  at  work.  Of  course,  these  assumptions  may 

people  and  innumerable  physical  systems.  sometimes  be  incoiiect" 

How  much  focus  and  oversiglit  should  we  apply  Around  the  world,  ITleadets  ate  attempting  to 

to  suiting  iqi  terrestrial  executives?  One  might  argue  balance  “give  them  what  they  want“  with  the  enter- 


COVER  STORY 


Should  CIOs 
Have  a  • 

BYMINDAZETLIN  " 

With  business  operations 
entan^edinthe 
unpredictable  and 
sometimes  volatile  global 
scene,  the  answer  is  a 
resounding  ^es’  (and  the 
more  detailed,  the  better). 


■  N  JULY  zoos,  a  series  of  suicide 
bomb  attacks  in  London’s  transit 
system  killed  56  people  and 
thiew  the  city  into  a  state  of 
confusiom  Tte  U.S.-based  CEO 

company  with  offices  in  London 
posed  what  to  him  seemed  a 

i  “Are  all  our  people  OK?” 


COVER  STORY 


When  Did  You  Last 
Practice  Your  Pian? 


Ttm  m  tw)  praMiTE  wWi  that  nnt,  people  ten)  10  fniet 
doin  rehears  And  second,  the  coistaM  pace  of  technologial  and  business 
chances  nil  tender  aknosi  any  plan  useiess  wWiki  a  couple  of  years  d  you 
don't  IrequendyKidaieiL 

•VdBteeer  you  decided  hi  do  ty»o  years  ago-do  you  sBH  hate  the  appro- 


chwL  The  effect  is  that  a  local  crisis  that  interrupts  conununications  andAir 
pover  yrii  pose  a  dMerent  set  of  prchlefns  than  It  wouU  have  In  the  past 
hi  pardcular.  Asshik  tules,  the  Importance  of  maintaining  an  miemet  con¬ 


nection  has  grown  dramatically  In  the  tecent  past ''We  used  to  think  alxtut 
the  internal  nentotk  and  the  outside  netynrk,  and  the  outside  one  had  a 
secondary  role,’ he  says. 'NOW,  they  each  have  the  same  ievel  of  impor¬ 
tance.  A  lot  of  the  codaboradon  that  goes  on  beMieen  employees  and  with 
partners  and  customers  is  conducted  over  the  Internet  today.’ 


continuity  plans  at  each  of  its  support  centers.  The  company  conducted  just 
such  a  test  at  hs  Cairo  location  about  a  week  before  the  Egyptian  uprising 
started,  curfews  were  imposed,  and  the  government  cut  off  SMS  and  Inter¬ 
net  communications.  With  a  wed-rehearsed  plan  hi  place.  Orange  was  able  to 
swiftly  nwve  disrupted  support  functions  to  its  other  centers  in  India.  BrazH 
and  Mauritius,  and  then  smoothly  return  them  to  Cairo  nine  days  later,  after 
the  miemet  was  restored  and  relative  calm  had  returned. 

international  SOS  practices  its  business  continuity  and  disaster  recovery 
plans  at  each  of  its  70  worldwide  locatians  at  least  once  every  six  months. 
accordhigtoMichaelShea.execulivevicepresidentfbrlT.'Onethingwere- 
Mited  when  we  fksc  started  doing  this  Is  that  the  first  time  we  practice  some¬ 
thing,  we  are  horrible  at  C  he  says.  Iffhen  we  go  to  set  up  a  data  center  at  a 
(Ssasler  recovery  site,  whether  hot  warm  or  cok).  it  never  goes  well  the  first 
time.  y*e  need  at  least  two  practices  to  do  H  smoothly.  So  if  we  practice  once 
every  six  months.  It  takes  us  at  least  a  year  to  get  good  at  it’ 


Getting  an  answer  proved  cbaUeoging.  First  there  was  no  sin^ 
staff  directory  that  covered  the  entire  company  and  was  kept  up  to 
date  with  ongoing  suff  changes.  Nor  was  there  a  single  directory  of 

exismd.  such  a  directory  would  not  have  induded  contractors,  who 
nonetheless  fit  within  the  CEO’s  definition  of  “our  peopte." 

Third,  there  was  no  central  record  of  which  London  employ¬ 
ees  were  on  vacation,  on  leave  or  travding  that  day,  or  —  mote 
worrisome  —  which  employees  bom  other  locations  mi^  be 
visitii^  LoodoiL  And  finally,  even  for  those  em|doyees  who  were 
known  to  be  in  London  and  for  whom  the  company  had  ad¬ 
dresses  and  phone  numbers,  it  was  hard  to  make  contact 
Transportation  was  disnqited,  cellphone  service  was  down, 
SMS  was  down,  and  it  was  very  undear  for  most  of  the  day  just 
what  had  happened,' recalls  Andrew  Marshall,  director  of  Con- 
sultifi,  which  bdps  companies  understand  business  risks. 

The  company’s  HR  and  IT  deport¬ 
ments  weren't  able  to  provide  a  timely 
answer  to  the  CEO's  questions,  he  says. 

“h  turned  into  a  conversation  that 
involved  philosophy  and  technology  as 
weU  as  HR,' MarshaU  notes. 

There  ate  several  lessons  any  IT 
leader  can  draw  bom  this  tale.  Fust, 
there's  no  such  thing  as  a  safe  location: 

Disruptians  can  happen  anywhere. 

Second,  K’s  important  to  have  a  plan 
thatspellsoutwbateveryone'stespao- 
sibilities  will  be  and  indudes  all  the 
infannation  you'll  need.  And  finally, 

16  COHPMTIRWOIIP  JULY  U.  2011 


systems,  because  “normal"  methods  of  communicatioo  will  likely 
fail  —  especially  mobile,  which  is  quickly  overwhelmed  by  the  spike 
in  local  demand  that  takes  place  during  any  crisis. 

Concerns  About  Crisis  Events  Grow 

h  would  be  impossiWe  to  think  about  events  of  the  past  u  months 
without  having  at  least  a  few  qualms  over  systems,  data  and  em¬ 
ployees,  especially  those  outside  the  US.,  and  the  possiUe  effect  of 

a  2010  survey  of  the  lOO  largest  technology  companies,  55%  of  ex¬ 
ecutives  repotted  worrying  about  “natural  disasters,  war,  conflicts 
and  terrorist  attacks.”  When  the  same  executives  were  again  adted 
that  questicm  in  20J1,  that  percentage  rose  to  8i%. 

In  this  increasingly  global  and  interconnected  world,  it’s  easy 

political  unrest  or  even  something  as  mundane  as  a  ship  dragging 
its  anchor  over  a  fiber-optic  cable  can 
disrupt  your  operations  in  unexpected 
ways.  Data  centers  could  go  offline. 
Data  stored  in  remote  locations  could 
become  unavailable,  as  could  your 
supply  chain.  You  could  lose  contact 
with  offshore  service  providers  due 
to  interrupted  communications. 
Software-as-a-service  applications 
could  go  offline.  And  although  cloud- 
based  infrastructure  is  mostly  hosted 
in  the  U.S.  now,  that's  expect  to 
change  in  the  next  few  years,  posing 
even  greater  risks. 

In  fact,  a  significantly  global  opera- 


It  needs  to  be  known  and 
understood  by  everyone. 


JONATHAIl  BAR,  GENERAL  MANAGER  OF 
GLOBAL  INFRASTRUCTURE.  INTERNATIONAL  SOS 


tion  is  likely  to  be  afected  by  local  disniptioiis  —  somewhere  — 
on  a  very  regular  basis. 

“There  are  events  happening  almost  constantly  at  any  time  in 
different  parts  of  the  world,  vi*ether  a  bombing  in  lakarU  or  an 
uprising  in  Egypt  or  an  earthquake  in  Japan,"  says  Michael  Shea, 
executive  vice  president  for  IT  at  International  SOS,  a  company 
that  provides  medical  and  security  services  to  travelers  and  has 
operations  in  70  countries.  With  so  many  locations  —  many  of 
them  in  emerging  markets  and  other  politically  or  econcnnically 

unstable  areas  —  operating  throu^  a  crisis  is  business  as  usual. 

“We  have  to  activate  one  of  our  business  continuity  plans  about 

every  three  to  four  weeks,"  Shea  says. 

Even  if  you  have  few  operations  in  unstable  areas,  it’s  wise  to 
consider  what  events  could  disrupt  your  overseas  operations,  affect 
your  overseas  data  or  threaten  your  overseas  employees.  A  well- 
thou^tout  foreign  policy  should  be  part  of  every  OO’s  toolkit.  But 
how  can  you  effectively  prepare  for  whatever  disasters  the  world 
might  throw  at  you?  Here  are  some  ideas  that  might  help. 

Don’t  Plan  for  Everything  Everywhere 

In  omnia  paratus  —“Ready  for  anything!"  This  might  seem  like 
a  good  approach  to  protecting  your  IT  operations  from  all  perils 
overseas.  And  indeed,  some  IT  leaders  take  the  position  that, 
since  there's  no  way  to  predict  what  might  happen  next  in  any 
geographic  location,  the  best  strategy  is  to  be  ready  to  meet  abso¬ 
lutely  any  threat  anywhere  it  may  arise. 

There’s  only  one  problem  with  this  aiqrroach:  It’s  impossible 
to  do.  “Trying  to  prepare  for  everythirrg  everywhere  leads  you 
down  one  of  two  paths,  neither  of  which  is  gorxl,"  says  Dan 
Blum,  an  analyst  at  Gartner.  “One  path  is  saying  that  whatever 
ytru’re  doing  will  have  to  be  good  enou^,  since  you  can’t  krxrw 
everything.  The  other  is  the  path  of  being  too  paranoid  and 
exhausting  yourself  chasirrg  phantoms,  and  no  organization  can 
do  that  for  very  long  CIOs  or  chief  information  security  officers 

preparedn^  everywhere  will  find  their  credibility  ertxling  artd 
their  influence  declirting  over  tirrre." 

On  the  other  hand,  it  can  be  very  hard  to  see  even  a  short 
distance  into  the  future.  Cortsider  Orange  Business  Services,  the 


Threat  Matrix 

In  South  Africa,  phone  lines  often  fail  because  people  despet  ate  foi 
money  pull  them  apart  to  sell  the  copper  wire. 


17 


tion  is  likely  to  be  affected  by  local  disruptions  —  somewhere  — 
on  a  very  regular  basis. 

“There  are  events  happening  almost  constantly  at  any  time  in 
different  parts  of  the  world,  whether  a  bombing  in  Jakarta  or  an 
uprising  in  Egypt  or  an  earthquake  in  Japan,  ’  says  Michael  Shea, 
executive  vice  president  for  IT  at  International  SOS,  a  company 
that  provides  medical  and  security  services  to  travelers  and  has 
operations  in  70  countries.  With  so  many  locations  —  many  of 
them  in  emerging  markets  and  other  politically  or  economically 
unstable  areas  —  operating  through  a  crisis  is  business  as  usual. 
“We  have  to  activate  one  of  our  business  continuity  plans  about 
every  three  to  four  weeks,”  Shea  says. 

Even  if  ytju  have  few  operations  in  unstable  areas,  it’s  wise  to 
consider  what  events  could  disrupt  your  overseas  operations,  affect 
your  overseas  data  or  threaten  your  overseas  employees.  A  well- 
thought-out  foreign  policy  should  be  part  of  every  CIO’s  toolkit.  But 
how  can  you  effectively  prepare  for  whatever  disasters  the  world 
might  thmw  at  you?  Here  ate  some  ideas  that  might  help. 

Don’t  Plan  for  Everything  Everywhere 

In  omnia  paratus  —“Ready  for  anything!”  This  might  seem  like 
a  good  approach  to  protecting  your  IT  {^rations  from  all  perils 
overseas.  And  inde^,  some  IT  leaders  take  the  position  that, 
since  there’s  no  way  to  predict  what  might  happen  next  in  any 


“Trying  to  prepare  for  everything 
everywhere  leads  you  down  one  of  two 
paths,  neither  of  which  is  good.”  says  Gartner 
analyst  Dan  Blum. 


path  of  being  too  paranoid  and 
phantoms,  and  no  organization  can 
r  chief  information  security  officers 
laintain  the  same  very  high  level  of 
ill  find  their  credibility  eroding  and 


business  communication  arm  of  one  of  Europe’s  largest  mob 
providers.  Tbe  company  bas  four  major  support  centers  in  Ej 
One  day  last  winter,  Paul  Joyce,  senior  vice  piesident  of  intei 
tional  customer  service  and  operations,  paid  a  routine  site  vi 
to  the  company’s  facility  near  Cairo.  With  protests  sweeping 
through  nearby  Tunisia.  Joyce  asked  the  company’s  local  stal 


How  to  Create 
A  Valid  Threat  Matrix 

In  South  Africa,  phone  lines  often  fail  because  people  desperate  for 
money  pull  them  apart  to  sell  the  copper  wire. '  >  '  ' 


17 


COVER  STORY 

“They  joked  that  the  wotst  trouble  would  arise  bom  [ousted 
ptesident]  Ben  All  flying  by  oveibead  on  his  way  to  Paris,"  Joyce 
says.  Th^  were  sure  it  would  never  happen  there."  Only  a  week 
later,  they  were  proved  wrong. 

You  can't  be  ready  for  everything  everywhere,  but  at  the  same 
time,  speciflc  events  in  specific  (daces  can  be  nearly  impossible  to 
foresee.  So  bow  do  you  preyure? 

“My  recottunendation  is  a  balancing  act,”  Blum  says.  "You 
want  to  raise  your  baseline  capability  to  cope  with  any  crisis. 

You  raise  that  as  hi^  as  you  reasonably  can,  given  the  costs  and 
potential  benefits.  But  then  you  look  at  worst-case  scenarios  that 
would  be  catastrophic  to  the  business  in  terms  (d  what's  most 
likely  to  happen,  and  that  will  vary  by  location.’  (For  more  on 
how  to  calculate  the  risk  of  specific  events  in  difibrent  places,  see 
“How  to  Create  a  Valid  Threat  Matrix"  on  the  previous  page.) 

partners  are  located?  “Anyone  with  access  to  the  Internet  and  a 
news  service  should  have  a  basic  idea  of  what's  goit^  on,"  Marshall 
says.  But,  he  adds,  you  shouldn't  try  to  go  it  alone.  “Every  orga- 
■  '  Its.  You  may  have  a  risk 

ly,  or  there  are  commerciai 


What'S  in  Your 
Crisis  Suitcase? 


down.  ITS  a  good  idea  to  have  a  siinaar  bag  of  tricks  stored 
ki  a  closei  at  each  of  your  company's  locations. 

Here  are  the  contents  of  an  International  SOS  field  de- 
ptoyment  pack 


the  printer  is  more  important  than  you  might  think  ex¬ 
plains  Jonathan  Bar.  general  manager  of  global  kifrastruc- 
tuie.  YOU  may  need  to  print  travel  papers  or  other  docu¬ 
ments,  or  photos  of  people  you're  searching  for. 

Recently,  the  company  has  begun  including  iPads  in  its 
field  deployment  packs.  With  their  high-quality  Image  dis¬ 
play  capabily.  long  battery  life  and  robust  mapping  tech¬ 
nology,  they  can  be  very  handy. 


One  of  your  best  sources  of  infixmation  is  whatever  staff  you 
have  on  the  ground  in  a  potenrially  troubled  location.  Depend  on 
them  Cor  insi^it,  and  m^  sure  t^  have  a  plan  Ibr  where  to  get 
their  own  news  if  a  local  event  causes  disruptioos. 

Sometimes  it's  possiUe  to  see  a  problem  coming  well  in 
advance.  Although  the  earthquake  and  damaged  nuclear  reactor 
in  Fukusbima,  Japan,  are  no  longer  making  daily  headlines. 
Orange  is  helpit^  a  client  located  nearby  consolidate  and  relocate 
ofieiations  to  Indonesia  as  soon  as  passible.  Why?  “The  biggest 
challenge  Cot  many  there  was  power  continuity,”  Joyce  says. 
“Coming  into  the  peak  of  the  summer,  there  will  still  be  a  serious 
aftereffect  of  that  disaster.  We're  anticipating  rolling  Uackouts." 

Ask 'What  ifr 

Once  you've  oonsideTed  what  types  of  disruptioos  are  most  likely  at 

ers  and  talk  through  each  of  those  scenarios. 

“It's  worth  running  through  a  catalog  that 
might  include  dvil  unrest,  power  supply 
problems,  intemqxioo  of  Internet  service 
and  a  terrorist  att^  although  trying  to 
imagine  and  foresee  everything  will  take  you 
down  some  blind  alleys,"  Marshall  says. 

It’s  an  important  opportunity  to  learn  just 
what  top  management  will  ex{)ect  of  IT  in  a 
crisis.  “See  if  everyone’s  assumptions  are  the 
same,"  Marshall  suggests.  “Ninety  (lercent 
of  the  time,  someone  will  say, ‘I  thought  you 
guys  would  be  up  and  tunning  for  that!’ " 

People  tend  to  assume  that  working 
systems  stay  that  way,  be  notes. ‘Anyone 
who's  worked  in  a  company  with  central- 
ixed  data  storage  krxnvs  there  are  all  kinds 
of  misconceptions  about  what  you  will  and 
won’t  be  able  to  access,  and  the  assumptions 
you  make  in  IT  won’t  be  the  same  ones  that 


-  uiNoa  ZEiim 


Finance  or  other  departments  make."  Key  areas  to  cover  for 
each  scenario:  Will  the  Internet  be  available?  What  about  phone 
service?  If  data  needs  to  be  restored  from  a  backup,  bow  long  will 
it  take?  “I>ecq)le  tend  to  assume  that,  since  we  have  backups,  the 
dau  will  be  instantaneously  available,"  Marshall  says. 

Another  reason  for  this  exercise  is  for  you  to  learn  which 
systemsaremostessentialtokeepingthecompanyrunning  — 
and  they  may  not  be  the  most  complex  or  challenging  ones  from 
ITs  point  of  view.  “Generally,  anything  around  your  revenue 
stream  is  highly  critical,”  says  Terry  Assink,  group  vice  president 
for  Brand  Velocity,  which  consults  on  business  project  implemen- 
Utions,  and  former  QO  of  Kimberly-Clark.  “You  need  to  be  able 
to  take  in  money.-and  you  need  to  be  able  to 
pay  your  employees." 

“'four  finance  deyiartment  may  be  very 
needed  during  a  crisis,”  adds  Shea.  “If  you're 
in  Egypt  during  tbe  unrest,  and  you  need  to 
charter  airplanes  so  you  can  get  people  out  cd 
there  safely,  you  will  need  finance  people  and 
financial  resources  to  make  that  iappen." 

Asking  “What  if?”  made  a  huge  difference 
forAlliedTelesis,wfaichsuppliescommunica- 
tioas  for  the  US.  Air  Force  base  in  Yokota, 
Japan,  about  190  miles  fiom  Fukushima,  where 
much  of  the  local  infrastructure  was  destroyed. 
Despite  massive  (soblems  and  power  outages, 
the  YokoU  base  never  lost  comnwinicatioos. 

One  reason  is  that  less  than  three  weeks 
before  tbe  Fukushima  earthquake,  a  huge 
earthquake  struck  Christchurch,  New 
ZealamL  “That  earthrpiake  did  spur  us  to 
look  at  certain  dements  of  our  operation  in 
Japan,”  notes  Keith  Southard,  CEO  of  Allied 


thdr  playbook  and  create  an  equally 

well-laid-out  set  of  plans  and  procedures  for  your  staff  to  follow 
in  a  crisis  situation. 

With  locations  in  70  countries  and  crisis  plans  activated  on  a 
monthly  basis.  International  SOS  takes  this  approach.  Its  IT  team 
has  gotten  adept  at  creating  plans  that  are  extremely  detailed. 

Most  come  not  only  with  very  specific  tasks  and  responsibilities 
that  each  emfdoyee  must  take  on  in  a  crisis,  but  even  a  diagram 
of  where  each  team  member  will  sit  in  tbe  cri^  management 
room.  Tbe  information  is  reinforced  with  rehearsals.  And  there  ate 

where  to  go  during  a  crisis,  or  that  they  should  notify  a  supervisor 
if  one  of  their  qrecial  internal  phone  lines  tings. 

“You  have  to  make  it  dummy-proof,"  Shea  explains.  “In  an  inci¬ 
dent  like  the  Japanese  earthquake,  everyone  is  shocked.  No  one 
is  prepared  for  something  like  that,  and  they  need  to  have  very 
clear  guidance." 

That  goes  for  people  for  from  the  crisis  location  as  well.  One 
important  but  oftmi  forgotten  task  is  to  get  wtnd  out  to  the  rest 
of  your  organization,  and  perhaps  your  customers  as  well,  letting 
them  know  that  you  have  the  crisis  in  hand,  arxl  whether  and 
how  it  may  affect  them.  When  rioting  and  the  Internet  suspen¬ 
sion  in  Cairo  caused  Orange  Business  Services  to  temporal 
suspend  operations  at  its  support  center  there,  the  company  set 
up  an  internal  Microsoft  SharePoint  site  where  its  employees 
could  check  fix' sums  updates  and  find  answers  to  frequently 
asked  questions. ‘It  got  more  than  3,000  hits  a  day,"  Joyce  notes. 
“That  was  a  lot  more  efficient  than  having  to  send  out  emails  or 


set  up  conference  calls."  Indeed,  you  might  consider  having  a 
temfjate  website  set  up  so  it’s  ready  to  go  when  a  crisis  occurs. 

vhien  platming  fix  a  crisis,  in  addition  to  using  posters  and 
diagrams.  International  SOS  IT  execs  have  frequem  meetings 
with  employees  in  various  locations  to  map  out  who  will  do  what. 
“We  look  at  each  individual  department  and  break  it  down  into 
actionplans,"saysJonathanBar,generaltnanagerofglobalinfia- 
striKture.  “They’re  like  flowcharts  fix  each  department  to  firliow 
that  the  supervisor  leading  the  charge  can  refer  to.  They  lay  out 

they  can  activate  the  platL  It  walks  them  thmigh  all  the  steps." 

Keep  in  mind  that  in  an  emergency,  all  employees  can  be  called 
on  to  help  out,  not  just  those  with  IT  or  support  jobs.  “We  may  have 
someone  who  wixks  in  finance,  on  collectioos,"  Bar  says.  “In  the 
middle  of  a  crisis,  we  aren't  collecting  fimn  our  customers,  but  that 
person  is  still  vahiaUe  because  be  or  she  can  step  in  and  take  over  a 
rtde  where  stxneone  else  is  exhausted,  such  as  answering  phoires." 
Likewise,  be  says,  it’s  importam  to  include  all  employees  in 

tion  of  senior  or  midlevel  management.  It  needs  to  be  krtown  and 
understood  by  everyone."  Bar  says. 

“The  real  toy  is  to  understand  the  value  of  your  people,"  he 
adds.  “They’re  your  most  important  asset,  and  they  can  keep  you 
moving  forward."  ♦ 


Other  and  Why  They  Need  Eadi  Other  to  Survive. 


19 


Big  hnon  ooMitf  ta  piifict  for  hoitiiiC 

aprivaltdoiiB,4)ut\j^ere’s  the  user 
pcovisioning?  BYTAHHAROpir 


irr 


INSPIRE 

unbridled  innovation  with  the 
power  of  convergence. 

HP  Converged  Infrastructure  ignites  what's  next  with  HP  ProLiant  servers. 

Get  ready  for  a  breakthrough  in  the  way  computing  serves  your  business.  With  ROi 
in  os  little  as  2  months,*  HP  ProLiant  DL380  G7  servers  and  FlexFobhc  Converged 
Networking  enabled  HP  ProLiant  BL460c  servers  powered  by  the  Intel"^  Xeon’ 
processor  5600  series  offer  a  dramatic  upgrade  over  your  old  infrastructure. 

By  utilizing  new  breakthroughs  in  manogement  efficiency,  you'll  be  able  to  n 
productivity  and  savings  while  you  accelerate  the  pace  of  innovation. 

m  how  HP  Insight  Control  con  help  you  turbocharge  productivity  with 
white  paper  Coining  Business  Value  and  ROI  with  HP  Insight  Remote 

nagement  Software  ot  hp.com/go/turbochargel2 


HP  ProLiant  BL460c  G7 

•  16GB  of  memory,  expar 


Intel'  Xeon  processors  5600  senes  (2.53GHz)  installed 
mory,  expandable  up  to  384GB  of  memory 
Smart  Array  Controller  P4l0i 
One  integrated  NC553.  Dual  Port  10Gb  Fie 


•  Up  to  two  HP  hot  plug  smoll  bn 

$4,399  (Save  $477) 


IP  ProLiant  DL380  G7  se 


$2,674  (Save  $542) 


ibnc  Converged 
S,  SATA,  or  Solid  State  Dnv, 


-  384GB  of  memor. 


Up, 


CLOUD  COyPUTiNG 


Continued  from  page  20 

mainframes  have  done  for  years,  he'll  say. 

‘A  mainframe  is  a  cfoud,"  contends  )oa  Toigo,  CEO 
of  Totgo  Partners  International,  a  data  management 
consultancy  in  Dunedin,  Fla. 

If  you,  like  Totgo,  define  a  doud  as  a  resource  that  can 
he  dynamically  pcovisiooed  and  made  available  within  a 

“then  all  ofthat  easts  already  in  a  mamfiame,"  he  says. 

Of  course,  Tngo's  isn^  the  only  definition  of  what 
constitules  a  doud.  Most  eiqrerts  say  that  a  key  at¬ 
tribute  of  the  doud  is  that  the  dynamic  provisioning  is 
self  service  —  that  is,  at  tte  user’s  demand. 

which  is  the  basis  for  much  of  its  security,  tradition¬ 
ally  requites  an  administrator  to  provision  computing 
power  lor  qrecific  tasks.  That's  why  the  mainframe 
has  a  leputatimi  as  old  tecbnolagy  that  operates  under 
an  outdated  IT  paradigm  of  command  arid  control. 

It’salsoooeofthereasooswfaymostdoudcomput- 
ir^  mday  runs  on  z86hased  distributed  arcliitectutes, 
not  maintrames.  Other  reasons:  Mainframe  hardware 
is  expensive,  licensing  and  software  costs  tend  to  be 
high,  and  there  is  a  shortage  of  mainframe  skills. 


[The  mainframe]  has  scalability 
and  partitioning  built  in  at  its  core. 


ttrarty  companies  want  to  irse  their  big  iron  for  doud 
computing.  In  a  CA  Technologies-sponsored  survey 
of  200  U.S.  mainframe  executives  last  fall,  73%  <rf  the 
respondents  said  that  their  maitrfratnes  were  a  part  of 
thdr  future  cloud  plans. 

And  IBM  has  been  prorooting  mainframes  as  cloud 
platfbnns  for  several  years.  The  company's  introduc¬ 
tion  last  year  of  the  zEnterprise,  wfai^  gives  orga- 
nizatfoos  the  option  of  combining  mairJtaroe  and 
distributed  computing  [datfocrns  under  an  umbrella  of 
common  management,  is  a  key  part  of  IBM’s  strategy 
to  make  mainframes  a  part  of  tite  doud,  say  analysts. 

The  company  set  the  stage  lo  years  ago  ndien 
it  gave  all  of  its  ntairtframes,  starting  with  zSeries 
S/390,  the  ability  to  run  Linux.  While  mainframes 
had  been  virtualizing  since  the  introduction  of  the 
VM  operating  system  30  years  earlier,  once  IBM 
added  Linux,  you  could  run  virtual  x86  servers  on  a 

Over  the  past  several  years,  some  organizations 
doing  that,  you  have  the  basis  for  a  private  cloud. 


“You  have  this  incredibly  scalable  server  that’s 
very  strong  in  transaction  management,"  says  Judith 
Hurwitz,  president  and  CEO  of  Hurwitz  &  Associ¬ 
ates,  an  IT  consultancy  in  Needham,  Mass.  “Here’s 
this  platform  that  has  scalability  and  partitioning 
buik  in  at  its  core." 

Plus,  the  mainframe’s  strongest  assets  —  reliabil¬ 
ity,  availability,  manageability  and  security  —  are 
the  very  characteristics  that  companies  ate  most 
concert  about  as  they  consider  rolling  out  major 
business  apfdications  in  the  doud,  she  says. 


The  Sticking  Point:  Provisioning 

But  that  lack  of  support  for  self-provisioning  is  glaring. 
“ThemainframeisverywellcontroUedinmostoigani- 
zatkms,  often  to  the  point  where  it’s  locked  in  a  room 
and  people  can’t  access  it,"  says  Jube  Craig  an  analyst 
at  Enterprise  Management  Associates.  “[Mainframe 
vendors]  are  goitig  to  have  to  do  some  developing  to 
allow  the  self-service  features  the  doud." 

Reed  Mullen,  IBM’s  System  z  doud  comput¬ 
ing  leader,  says  that  the  lack  of  self-provisioning  is 
cultural,  not  technological.  Companies  could  enable 
self-provisioning  in  mainframes  either  by  using 
IBM’s  Trvoli  Service  Automation  Manager  or  through 
custom  development,  he  says. 

And  yet  be  acknowledges  that  such  implementa¬ 
tions  would  still  depend  on  the  IT  department  —  users 
wouldn’t  have  full  sdf-service  autonomy.  Specifically, 
mainfiame  systertrs  with  self-provisioning  options 
would  require  a  user  to  submit  a  request  by  email, 
and  IT  would  have  to  approve  the  request  before  the 
resources  were  provisiooed,  Mullen  explains.  This  re¬ 
flects  the  “old  habits"  of  the  mainframe  world,  he  says. 
Butbealsonotesthatanykindofclouditnpletnenta- 
tion,  induding  those  on  distributed  systems,  would 
include  an  approval  process. 

“I  know  the  perception  is  that  the  user  doesn’t  have 
to  bother  anyb^  in  IT  —  that  I  just  have  to  pomt 
and  dick  to  get  my  service,"  Mullen  says.  But  in  every 
cloud  scenario,  be  adds,  there’s  some  kind  approval 
process  —  a  way  to  prioritize  the  requests  — even 
though  that  process  may  not  “require  human  eyes.” 

As  for  the  licensing  costs,  MuUen  says  that  IBM’s 
current  generation.  System  z,  has  a  little-used  “on- 
off"  featirre,  whereby  mainframe  administrators  can 
turn  a  processor  core  on  for  a  limited  time,  paying 
short-term  day  rates  for  IBM  software  rather  than 
bttying  an  expetrshre  atmual  license  based  on  the 
number  of  processor  cores.  “We  are  looking  at  taking 
advantage  this  infrastructure  to  make  it  even  more 
suitable  for  a  doud  ertvitonment  where  there  is  a  lot 
of  unpredictable  usage,"  says  Mullen. 

But  it’s  hard  to  find  an  organization  that’s  using 
a  mainframe  in  a  self-provisioned  cloud  computing 


as  cloud  is  just  hype.  The  technology  may  inrleed 
exist,  but  the  question  is  whether  companies  are 

Cbnrinuedonpitgeaa 


TH£  COMH/riXWOKU) 
I)  HONOaS  HKIGSAU 


In  our  Search  for  New  Heroes,  we  congratulate  The  Social  Genome 
Projea  and  founder  AJ  Jaghori  {http://linkd.in/o9QAom)  for  being 
seleaed  as  a  201 1  Laureate  and  a  21st  Century  Achievement  Award 
Finalist,  for  their  innovative  secure  social  media  applicadon,  iUger, 
a  transformational  social  media  in-a-box  solution  that  may  very  well 
create  the  next  social  wave. 

In  2008  the  Social  Genome  Projea  started  as  an  academic 
weekend  R&D  projea  in  Cambric^,  MA  when  several  “odd  minds” 
(OpenSGP.com,  2011)  with  passion  for  open  social,  mobile,  and 
data  security  development  came  together.  iLiger  is  only  1  of  10  distina 
applications  developed  that  has  seen  day  light,  most  remain  in  the 
lab  because  “oiu  intention  was  never  to  release  these  applications  into 
produaion,  but  rather  experiment  and  have  fon  with  it  in  our  spare 
time,”  says  Jaghori.  The  Social  Genome  Projea  has  evolved  into  a 
non-profit  helping  other  non-profits  and  is  rapidly  gaining  industry 
anention  with  pressure  to  bring  applications  out  of  the  lab. 


The  Social  Genome  Project 


CLOUD  COMPUTING 


actually  using  it,  says  Bill  Claybmd:,  president  of 
New  River  Marketing  Research  in  Concord,  Mass.  “If 
they  ate  not  automating  things,  if  they  don't  have  a 
self-service  portal,  then  it’s  ixtt  a  cloud  architecture; 
it’s  just  a  virtualized  environmenC  he  says. 

One  reason  why  it’s  hard  to  find  a  self-proviskmed 
mainfiame-based  doud  may  be  because  we’re  still  in 
the  eatiy  days  of  cloud  computing  “There  is  incon¬ 
gruity  between  what’s  out  there  in  cloud  today  and 
what  these  big  mainframes  do,"  says  Phil  Murphy,  an 


The  one  cloud  scenario  that  includes  selfprovisioaing 
is  the  modd  used  by  globai  outsourcing  companies, 
where  far-fiung  developess  have  the  ability  to  automati¬ 
cally  set  up  their  own  testing  and  developmem  plat- 
forms.  Those  aren’t  all  mainfiamehased.  but  Murphy 
thinks  some  of  them  must  be. 

Mullen  agrees  that  the  oSshoring  model  is  a  good 
example.  A  platform-as-arservice  setup  like  that  “is 
perhaps  the  dominant  usage  of  a  doud  infiastructuie 


ing  power  at  lower  costs  than  they  do  today,  more 

based  doud.  Hurwitz,  for  one,  says  many  of  her 
clients  are  looking  into  it,  althou^  none  are  ready 
to  talk  about  it  publicly.  “It’s  something  we’re 
going  to  see  a  lot  more  of"  she  predicts. 

-The  Very  Early  Adopter 

Marist  College  is  a  poster  child  for  IBM  main¬ 
frames.  The  college  is  ri^  down  the  road  fiom 
an  TBM  mainframe  itianiifacturing  plant  in 
Poughkeepsie,  N.Y.  Marist  has  had  a  tesearch- 
and-development  partnership  with  IBM  for  more 
than  zo  years,  and  it  helped  IBM  develop  and  roll 
out  System  z  Linux. 

Marist  has  rewritten  many  xS6-based  applica- 
tionstorunonLinirxrHiitstwoSystemzmain- 
fiames.  The  college  runs  So  Linux  servers,  mostly 

handling  administrative  tasks,  on  one  mainframe, 

and  it  has  mote  than  600  Linux  servers  rutming 

academic  a{plications  on  the  other. 

The  coU^  runs  other  appUcations  on  an  IBM 
System  p  midrange  computer  and  IBM  blades  as 
well.  But  the  mainframes  are  “the  teal  engine," 
says  Bill  Thitsk,  Marist’s  CIO. 

Marist  is  getting  big  cost  benefits  fiom  vir¬ 
tualizing  on  the  mainframe.  The  college  avoids 
purchasing  extra  server  hardware,  phis  it  saves 
cm  space,  power  and  IT  staff  to  manage  the  data 
center.  It  not  only  avoids  having  to  pay  extra  for 
eadi  iqifdicatkm  it  adds  to  the  mainfiame,  but 
also  benefits  bom  increased  utilization  cd  the 
mainframe,  resulting  in  a  very  good  return  on  assets, 
says  Thitsk.  He  calls  Marist’s  setup  a  doud. 

Skeptics  would  say  it’s  not  a  doud,  because  it  has 
no  user  provisioning.  But  there  is  some  provisioning 
going  on:  When  students  enroll  to  study  computer 
sdence,  for  example,  they  are  automatically  provi- 
siooed  with  a  mainframe  partition,  Thitsk  says.  And 
when  they  leave  the  school,  be  adds,  “that’s  sucked 
back  into  the  fold  and  re-allocated  automatically." 

Thou^  critics  mi^  disagree,  Thirsk  says  the  lack 
of  user  provisioning  isn’t  important. 

“The  foct  is  that  if  you  wanted  to  change  the  policy 
[to]  where  the  student  could  just  order  it,  it  would 
come  down  to  the  same  autoprovisioning  routine,” 
he  says.  “We  do  it  mote  explit^  because  it’s  an  aca¬ 
demic  institution.  The  faculty  decide  what  resources 
get  used  by  students,  depending  on  their  courses.” 

Marist  has  advantages  that  make  buikling  a 
mainfiamehased  cloud  easier.  It  gets  an  academic 
discount  on  the  mainframes,  although  the  price 
breaks  aren’t  any  larger  than  those  available  to  other 
universities,  says  Thirsk.  And  thanks  to  an  IBM-spon¬ 
sored  mainframe  academic  program  at  the  college, 
Marist  has  a  buih-in,  cheap  souioe  of  IT  labor  with 
mainframe  and  System  z  Linux  skills. 

“Where  one  00  might  have  to  hire  very  expensive 
professionals  to  run  their  data  center,  1  have  an  entire 


24 


ft.  2011 


internship  program,  and  my  labor’s  fairly  inexpen¬ 
sive,”  Thirsk  notes.  “I  only  have  three  professionals  to 

Marist’s  cloud  is  starting  to  get  some  attention. 
‘Four  years  ago,  when  I  started  talking  about  this, 
nserybody  looked  at  me  like  I  was  crazy,”  Thirsk 
says.  But  as  the  years  have  passed,  others  have  taken 
m  interest  in  Marist’s  computing  environment  He 
aotes  that  he  has  hosted  lots  of  visitors  eager  to  team 
svhat  the  college  is  doing,  iiKluding  representatives 


Four  years  ago, 
when  I  started 
talking  about 
this,  everybody 
looked  at  me 
like  I  was  crazy. 


doud'fnendlyv  she  says.  Eustis  thinks  1 
has  all  the  pieces  in  place  to  enable  bu 
self-provision  a  main&ame-based  clou 


ington.  D.C-bosed  writer  speciohzing  tn 
;ss  and  public  policy.  She  can  be  contacted 
te,  TamHarbertcom. 


INFORMATION  ASSURANCE 


800-888-UMUC  •  umuc.edu/mychalUngt 


I  cording  to  a  recent  Forrester  Research  report. 

YouTlibe 

IWHE  ENTERPRISE 


The  National  Naval  Medical  Center  in  Bethesda, 
Md.,  is  fully  aligned  with  the  YouThbe  generation.  Its 
;  military  patients  can  access  videos  and  hospi- 
brmation  on  denrand  from  r,400  TV  screens 
in  hospital  rooms  and  across  the  campus.  Doctors 
and  nurses  can  watch  department-produced  training 
videos  during  the  midni^t  shift  on  any  of  8,000 
desktops  in  its  many  buildings. 

Members  of  the  rao-person  IT  staff  (average 
age:  31)  even  post  videos  cddepartrrrent  birthday 
parties  atKl  practical  jdtes  to  the  organization’s  intra¬ 
net  —  accessible  only  by  IT  employees. 

CIO  Tony  Thornton  says  he’s  just  keeping  up  with 
the  times.  “Similar  to  the  way  video  is  used  in  other 


IT  departments 
have  a  new  role:  video 
content  manager. 


Dallas 

September  13, 2011 


Register  today! 
www.itroadmap.net/2011dallas 


At  IT  Roadmap  Conference  &  Expo,  you'll  discover 
everything  you  need  to  know  to  make  informed 
technology  decisions  for  the  year  ahead  -  in  just 
one  day.  And  we're  coming  to  Dallas! 


Through  ROI  workshops,  technical  tutorials, 
strategy  sessions,  roundtable  discussions, 
keynote  addresses,  networking  opportunities 
and  an  interactive  expo  floor,  you’ll  hear  fresh 
perspectives  and  new  technology  insights  from 
the  industry’s  leading  IT  analysts,  top  tech 
practitioners,  and  experienced,  high-profile 
end  users. 

All  new  morning  tracks  include: 

•  The  New  Data  Center 

•  The  Connected  Enterprise 

•  The  Modern  Network 

•  The  Public  &  Private  Cloud 

•  The  Evolving  Threat  Landscape 

Who  Attends: 

•  CIOs  &  VPs 

•  Directors  of  IT 

•  IT  Managers 

•  Architects  &  Engineers 


For  more  information  about  sponsorship 
opportunities  and  benefits 

Contact  Andrea  D'Amato.  Vice  President  and 
Publisher  of  Network  World,  at 

or  508-766-5455. 


CONTENT  MANAGEVENT 


Continued /nm  page  26 

here.  It’s  pushing  infonnation  out  to  our  users." 

It's  not  rocket  sdence,  notes  Whit  Andrews,  a  Gartner  analyst. 
‘Video  has  been  used  Coe  training  since  the  Second  Whild  War.  But 
YouHabe’s  ease  of  use,  compatibility  and  cross-pUtform  relevance 


ness  unit  handling  the  video  it  uses.  But  mature  otganizatkxis  are 
assigning  management  of  all  video  to  the  IT  departmert  to  tap  the 

Concern  about  whether  the  network  infrastructure  can  handle 
video  traffic  has  tempered  the  enthusiasm  of  many  esecutives. 
"Folks  are  still  using  webcastit^  internally  for  company 
unicatioeis,  and  external 
[s.  But  as  for  as  [supporting] 

that  hasn't  happened  yet"  on  a  broad  scale,  Kaicher  says,  because 
of  netwDik  ar^  control  issues.  There  are  also  security  cotKems 
about  proprietary  video  leaking  out  into  public  rlomains. 

But  a  handful  of  organizatioas  have  taken  the  leap  into  video 
content  management  and  are  managing  the  technical  arxi  secu¬ 
rity  challenges  on  the  Sy,  as  they  arise. 

PtaybigRbyEar 

The  Manhattan  School  of  Music  (MSMX  an  international  music 
conservatory  in  New  York,  uses  Polycom’s  bigh-definitioo  video- 
conferencing  systems  and  open-source  scft 
ware  to  make  recorded  training  sessions 


"Whhaveuooohouts'worthafeduca- 
tional  video,  and  we’re  now  taking  all  that 
ardiival  material  and  getting  it  onto  our 
server,"  says  Cbiisdanne  Orto,  associate 


The  Business 
Case  for  Video 


eaters,  but  there  are  many  ways  to  solve  that  problem.  Andrews  tei 


in  that  office,  so  they  only  pipe  in  video  horn  on 

Other  methods  inclurle  "fetch  ahead,"  where  the  CEO  records 
a  presentation  24  hours  in  advarxe  and  distributes  it  to  all  neces¬ 
sary  locations.  Then  she  follows  up  with  a  live  Q&A  that  may 
include  only  audio  with  images  or  slides. 

MSM  purchases  network  bandwidth  bom  its  next-door  n^hbor, 
Columbia  University.  The  &ber-optic  cormectioos  will  help  address 
increasing  network  usage  as  its  video  offirings  grow,  Orto  says. 

The  Naval  Merlical  Center,  which  manages  a  huge  IP  video 
communications  infrastructure  powered  by  VBtick  Systems,  has 
a  10GB  backbone  and  the  ability  to  push  up  to  iGB  to  the  desktop. 
The  netwrrrk  averages  about  2$Mbps  of  peak  traffic  —  though  this 
may  double  in  the  next  12  months,  when  the  center  gets  all  of  its 
video  applications,  such  as  digital  signage,  fully  up  and  rurming. 
Even  then,  Thornton  estimates  that  it  will  be  using  only  30%  of 
availaUe  bandwidth. 

The  Manhattan  School  of  Music  maintains  tight  control  over 
its  video  content  because  of  music  copyright  issues  and  student 


fomumoes  on  its  website,  while  a  private  intranet  lets  students  log 
in  with  a  password  to  retrieve  vidra  for  training  purposes. 

The  school  uses  Drupal  open-source  content  management  soft¬ 
ware,  which  lets  students  tag  files  with  keywords  that  will  make 
it  easier  to  find  vkleos. 

like  other  content  formats,  video  could  cause  problems  if 
embarrassing  or  confidential  material  is  made  public.  At  the 
Naval  Medical  Center,  Thornton  is  aware  <rf  the  challenges  and 
potential  dangers  of  hosting  formal  and  informal  video  content, 
but  he  will  keep  constraints  to  a  minimum  —  for  now. 

“There  is  the  potential  to  put  stuff  out 
there  that  you  would  not  want  people 
to  see.  We  haven’t  seen  people  abuse  it 
just  yet,  but  we  anticipate  it’s  going  to 
happen,"  Thornton  says.  ‘But  I  don't 
necessarily  advocate  'Let’s  lock  it  down  in 

as  you  go  —  and  when  policy  needs  arise, 
tbm  that’s  what  we’ll  do.” 

Looking  ahead,  analysts  say  that 


sion  rates  of  video  files,  makes  video 
storage  more  reasonable  than  it  was  several 
years  ago.  “The  cost  of  storage  on  the  back 
end  is  minuscule,"  Thormon  says. 

MSM  expects  to  add  400  hours  of  video 
content  to  its  searchable  archives  each  year. 
For  now,  it  will  add  new  servers  as  needed, 
but  “down  the  road  we’re  thinking  about  a 
cloud  computing  solution,"  Orto  says. 

Video  files  are  ravenous  bandwidth- 


witbout  including  video  capability  would 
be  a  big  mistake. 

“Enterprises  must  face  the  foct  the  video 
is  a  key  efement  of  their  future  internal 
and  external  messagit^  strategies,"  says 
Gartner’s  Andrews.  Adopting  an  internal 
s  a  must,  he  adds,  pointing 


its  training  videos  on  YouTbbe,  making 

test  of  the  vroild  "Tlie  longer  you  wait,”  he 
says,  “the  more  likely  that  company  video 
is  going  to  turn  up  on  YouTube."  • 


Trouble 

Ticket 


joinnai 


The  Perils  of  Enterprise  Search 

First  and  foremost, you  have  to  make  sure  you  don’t 
compromise  the  rule  of  least  privilege. 

of  documents  that  they  shouldn't  have 


I’M  A  lie  MN  OF  SEARCH.  The 

ability  to  use  the  Internet  to  cull 
information  on  virtually  any  topic 
with  just  a  few  clicks  has  made  me 
more  efficient  and  better  informed. 
And  “information’' can  come  in  the  form 
[nctuies,  documents,  videos,  news  feeds 
—  whatever  you  need. 

So  you  might  think  that  when  my 
company’s  application  team  t(dd  me  they 
wanted  to  initiate  an  enterprise  search 
project,  I  would  have  jun^ped  on  board. 


the  infrastructure  and  begins  pointing 
it  to  data  repositories.  Before  you  know 
it,  someone  conducts  a  search  with  a 
term  like  “M&A"  and  turns  up  a  sensi¬ 
tive  document  naming  a  company  that's 
being  considered  for  acquisition,  or  a 
search  for  the  word  “salary”  reveals  an 
employee  salary  list  that  was  saved  in  an 
inappropriate  directory.  In  other  words, 
people  will  be  able  to  find  all  manner 


access  to.  h’s  a  flagrant  violation  of  what 
is  probably  my  most  important  security 
plffiosophy:  the  rule  of  least  privilege. 

The  rule  of  least  privilege,  which  I  have 
discussed  here  many  times  before,  holds 
that  information  should  be  accessible 
only  by  those  who  have  a  need  to  know 
it  When  you  apply  this  rule  to  enterprise 
search,  it  means  that  searches  should  turn 


that  the  searcher  is  allowed  to  see. 

When  it  comes  to 
controlling  access  and 
exposure  to  searchable 
data,  you  can  idy  on  the 
techniques  referred  to 
as  early  binding  and  late 
binding,  or  you  can  adopt  a  hybrid  model. 
With  early  binding,  users  dedde  who  can 
access  a  document  when  they  add  it  to 
the  search  index.  With  late  binding,  the 
decision  is  made  when  a  query  is  submit¬ 
ted.  Early  binding  is  much  more  conqilex 
to  set  iq>  and  maintain  but  ofim  better  per¬ 
formance.  My  recommendation,  though, 
is  a  hybrid  approach,  which  offers  the  best 
of  both  worlds.  Of  course,  you  will  have  to 
consider  the  pros  and  coos  and  weigh  them 
agairrst  your  own  fuganization's  needs. 


The  fact  that  your  enterprise  search 
results  will  be  provided  via  a  URL  can 
cause  another  problem.  You  need  to 
make  sure  that  such  URLs  can't  be 
manipulated  to  provide  access  to  other 
documents  or  data.  For  example,  a  URL 
such  as  uwwcompoiQi-intranetcofn/ 
go?vieu>doc=aio  might  be  open  to  ma¬ 
nipulation  by  simply  changing  the  “aro" 
to  another  number. 

My  next  concern  is  about  access  to  the 
administrative  and  back-erxl  infrastruc¬ 
ture  of  the  search  technology,  as  well  as 
any  third-party  or  bundled  data  analytics 
tools  and  any  back-end  disk  storage.  Access 
to  those  resources  should  be  limited  based 
on  the  rule  of  least  privilege.  All  of  that 
infrastructure  must  also  comply  with  our 


I  also  want  to  make  sure  that  the  use 
of  enterprise  search  is  restricted  to  au¬ 
thenticated  domain  members.  We  don’t 
want  vendors  or  guesU  drang  searches 
for  data  that  they  shouldn't  see. 

Another  potential  problem  is  that 
some  search  engines  use  caching  to  serve 
up  frequently  accessed  data.  I’ll  need  to 
'  be  sure  that  any  caching  technology  con¬ 
forms  to  our  dau  retentioo  policies  and 
that  there  aren't  any  e-discovery  issues. 

Fmally,  the  search  infrastructure  will 
need  constant  oversi^  to  ensure  that 
no  document  libraries  are  added  without 
having  accessibility  rules  assigned  to  them 
and  chat  employees  don't  save  documents 
in  existing  libraries  that  allow  wider 
access  than  the  document  deserves. 

Enterprise  search  is  like  much  else 
in  the  enterprise:  very  powerful  and 
extremely  useful,  but  risky  and  in  need 
of  constant  attention.  • 

This  iveek's  jnimol  is  uiriiten  hy  a  teal 


Not  quite.  For  security  and  l^al  reasons. 


aren't  addressed,  this  is 

what  you  can  expect;  The  IT  team  does 

some  research,  makes  a  choice,  deploys 


u 


A  search  usii^  a  term  like  ‘H&A’  couM  reveal  the  name 
of  a  company  heh^  considered  for  acquisition. 


CONTENT  MANAGEMENT 


Continurd/rom  pflgp  j6 

Its  not  rocket  science,  notes  Whit  Andrews,  .1  Gartner  analyst. 
“Video  has  been  used  for  training  since  the  Second  World  War.  Bur 
YouTube's  ease  of  use,  compatibility  and  cross-platform  relevance 
all  make  companies  excited"  about  video,  he  says. 

arc  far  from  simple.  As  etuerprises  move  deeper  into  the  world  of 
content  will  inevitably  grow.  A  slew  of  vendors  offer  video  content 


ommends  a  peer-assisted  delivery  model  that  allows  a  machine  in 
one  remote  office  to  serve  as  the  broadcast  vehicle  for  all  machines 
in  that  office,  so  they  only  pipe  in  video  from  one  location. 

Other  methods  include  "fetch  ahead,"  where  the  CEO  records 

sary  locations.  Then  she  follows  up  with  a  live  Q&A  that  may 
include  only  audio  with  images  or  slides. 

MSM  purchases  network  bandwidth  from  its  next-door  neighbor, 
Columbia  University.  The  fiber-optic  contrectiorrs  will  help  address 


library  for  our  student  body  so  they  can 
continue  training"  through  video. 

The  four  biggest  concerns  that  execu- 


a  library  ol  recorded  vid 
Black  g  Decker  encourages  ns  employees  to 
submit  short  videos  ol  best  practices. 

Sales  support:  Sales  professionals 
can  watch  (and  rewatchl  recorded  video  of 
successful  sales  interactions. 

Corporate  communications:  Video 
adds  a  human  dimension  to  raanagemeni 
messages  and  helps  to  keep  the  distributed 


“Enterprises  must  face  the  fact  the  video 
is  a  key  element  of  their  future  internal 
and  external  messaging  strategies,"  says 
Gartner's  Andrews.  Adopting  an  internal 
video  presence  is  a  must,  he  adds,  pointing 
to  a  department  at  one  company  that  posts 
its  training  videos  on  YouTube,  making 
them  accessible  to  employees  —  and  the 
rest  of  the  world.  “The  longer  you  wait,"  he 
says,  "the  more  likely  that  company  video 
is  going  to  turn  up  on  YouTube."  * 

Collett  is  a  Compulerworld  contriburing 
writer.  You  cun  confoci  herai 
.slrollell(giO(iJ.oim. 


Security^^ 

1-  Manc^er's  i 

Journal 

a 

The  Perils  of  Enterprise  Search 


I'M  A  BIG  FAN  OF  SEARCH.  The 

ability  to  use  the  Internet  to  cull 
information  on  virtually  any  topic 
with  just  a  few  clicks  has  made  me 
more  efficient  and  better  informed. 
And  “information”  can  come  in  the  form 
of  pictures,  documents,  videos,  news  feeds 
—  whatever  you  need. 

So  you  might  think  that  when  my 
company’s  application  team  told  me  they 
wanted  to  initiate  an  enterprise  search 
project,  I  would  have  jumped  i 
Not  quite.  For  security  and  legal  reasons, 
enterprise  search  c 
to  real  problems  if  not 
deploy^  with  excrucit 
ire  and  strict  governa 

aren’t  addressed,  this  is 
what  you  can  expect:  The  IT  team  does 
some  research,  makes  a  choice,  deploys 
the  infrastructure  and  begins  pointing 
it  to  data  repositc 


^OPINION 


^PERKINS 

Improve  IT  Muscle  Tone 


Most  IT 
(opiizations 
wll  defer  ITSM 
until 

get  better.’ 
Whenwilltftat 
happen? 


BwtMrtdnsts 

managing  partner 
at  Louisville.  Ky.- 
based  Leverage 
Partners,  vdiicb  helps 
organizations  invest 
well  in  IT.  Contact 
him  at  BartPerfcinse 


YOU  KNOW  YOU  SHOULD  EXERCISE  REGULARLY  to  improve  your 
physical  health  and  emotional  well-beii^.  But  you’re  too  busy.  You 
ne^  to  find  the  right  regimen.  It  will  be  easier  wdien  the  kids  are 
in  sch(X)l.  Or  when  they’re  out  of  schcx)!.  The  list  goes  on  and  on. 


Many  IT  organizations  approach  IT  service 
management  (ITSM)  in  a  sinular  manner.  They 
know  ITSM  provkles  a  foundation  for  improving 
existing  services  and  reducing  costs  by  standard- 


change  control  and  asset  management.  But  rtrost 
IT  organizations  are  already  overcrHnrrritted  and 
urxter-resourcerL  Absecrt  an  inhastructure  crisis, 
they  will  defer  ITSM  rrtrtil  the  budget  gets  Ingger 
or  “thirrgs  get  better."  (When  will  that  happen?) 

Even  the  busiest  IT  otgattization  will  benefit 
from  ITSM  capabilities.  Here  ate  some  of  the 
things  they  can  do  for  you: 


place  a  high  value  on  metrics  fcir  everything  they 
do,  while  fester-paced  industries  such  as  finarxnal 
services  and  entertairrment  are  less  focused  on 
metrics.  But  every  executive  team  wants  IT  to 
demonstrate  that  it  delivers  high-quality,  cost- 
effective  services.  Unfortunately,  comprehensive 
metrics  programs  require  significattt  investment. 
If  your  organization’s  IT  metrics  ate  inadequate 
(or  nonexistent),  ITSM  systems  provide  an  excd- 
lent  foundatioTL  Each  ITSM  process  has  service- 
lewd  targets  and  associated  metrics  that  facilitate 

with  peer  organizatiocts.  Even  if  the  analysis 
shews  that  your  IT  cost-of-services  is  hi^er  than 


nt  IT  orgarrizations,  IT  is  often  viewed  as 
a  mystery.  Many  executives  complain  that  they 
drm't  understand  what  the  IT  staff  does,  that  IT 
fails  to  offer  optkms  when  presenting  budgets,  and 


that  the  beraefits  of  IT  investments  ate  unclear. 
These  accusations  ate  diffierrh  to  refute  without 
a  clear  understanding  of  IT  costs.  ITSM  systems 
analyze  the  cost  of  each  service  and  help  IT 
management  construct  service-based  (rather  than 
resource-based)  budgets.  Service-based  budgets 
are  easier  to  justify  and  help  improve  the  enter¬ 
prise’s  understanding  of  IT  services. 

EiriniKC  the  service  desk. ’The  help  desk/ 
service  desk  is  the  primary  point  of  contact 
between  IT  and  its  custrxrrers  (both  irttemal 
and  external).  Most  em{doyees’  perceptions  of  IT 
ate  formed  through  interactions  with  the  help 
desk.  An  ITSM  system  provides  helpful  informa¬ 
tion,  logs  and  tracks  customer  irtteractions,  and 
Bags  unresolved  incidents  arxl  service  requests.  A 
mote  responsive  service  desk  improves  custom¬ 
ers’  (and  the  organization’s)  perceptions  of  IT.  In 
addition,  good  ITSM  tools  f^tate  analysis  of 
incident  and  request  patterns  to  identify  under¬ 
lying  problems. 


timis  were  originally  designed  for  IT  organiza¬ 
tions.  Similar  tools  designed  for  other  depart¬ 
ments  are  often  less  robust.  But  all  departments 
have  incidertts,  char^  requests,  assets,  etc.  ITSM 
prtxxsses  artd  tools  ate  being  adapted  to  HR,  ac- 


Do  what  you  know  is  best  for  ITs  health. 

Use  ITSM  to  increase  efficiency,  improve  critical 
processes  and  defend  IT  services.  When  you  need 
to  justify  next  year’s  budget,  you’ll  wish  you  had 
those  ITSM  metrics.  Be  proactive  —  get  your  IT 
organization  in  shape  beW  the  next  round  of 
IT  budget  wars.  And  befiire  your  armual 
perfinmatree  review!  * 


LeveragePartners.com. 


MARKETPLACE 


EngbMforWIn&JIET 

EngbMforlJnin 

Ask  about 

fuHy^hmctional 

evakiationsi 


il»  Smart  tkptetioe  i 

nxt  ri 

Instantly  Search  Terabytes  off  II 

Highlights  hits  in  a  wide  range  of  data,  using  dtSearch's^  _ _ 

oivn  file  parsers  and  converters  WMidiSMMk^ 

•  Supports  MS  Office  through  2010  (Word,  Excel,  PowerPoint, 

Access),  OpenOffice,  ZIP,  HTML,  XML/XSL,  PDF  and  more  _ 

•  Supports  Exchange,  Outlook,  Thunderbird  and  other  lagiMHivewMi 

popular  email  types,  including  nested  and  ZIP  attachments  poiiMr_lMlidht 

•  Spider  supports  static  and  dynamic  web  data  like  ASP.NET, 

MS  SharePoint,  CMS,  PHP,  etc. 

•  API  for  SQL-type  data,  including  BLOB  data  . 

-  HJgbMivJM- 

25+  full-text  and  fielded  data  search  options  parfatniMictsMc 

•  Federated  searching  uniMiAedliye^ 

•  Special  forensics  search  options  /iMfeMidll 

•  Advanced  data  classification  objects  . 

APIs  for  C++,  Java  and  .NET  through  4.x  rrdiin  wd  iliiir 

•  Native  64-bit  and  32-bit  Win  /  Linux  APIs;  .NET  Spider  API  « 

•  Content  extraction  only  licenses  available  J 


www.dtSearch.com 


pick  the  topics.  pick  the  sources.  pick  the  frequency. 


Build  voui  O’.'.'ii  iiu'.'. slutiui  ftMiuiinu 
tofiK',  UolkI  niinpLitiiuj  ui.iijlicutior 
uvui  BOO  tiinuly  tioui  niou.'  iB. si¬ 


lt's  free. 

www.techclispenser.com 


31 


QU 

ToddWeimiian 


A  rnemher  of  the  Leaderdlip  Deve^ 

mcnt  Committee  at  nonpro/it  IT  pro- 
ksskmal  onxmization  ISAiCA  discu^ 


job  prospects  in  the  audit  fidd  and  in  ITm general. 


cycles  an)  are  mud)  less  easily  affslwr^ 


As  for  this  years  gradtutts.  the  Big  Four  and 
other  pubik  accounting  and  consulting  Anns 


fessionals  are  currently  in  high  demand  and  are 
RsM  inside  Hw  top  20  on  Money  magatine  and 
PayScatexom's  ist  of  the  top  KX)  most  deseable 
jobs.  In  the  next  to  years,  neheoctt  security  posi¬ 
tions  are  forecast  to  MOW  27ek 
AQxmlng  to  BankmhSecurity,  because  of  risks 
brought  on  by  emergjng  technologies,  as  wrt  as 

pn)tocnls.lheneedforsliied,educaledproies- 
stonfe  in  the  risk  nanagemcnt  area  is  groming. 

enlromvariousindustriesareloakinguhirepro- 
lessionab  who  are  sUfed  in  iniorination  risk  man- 


ognsMeradouble  major  oramkior  in  business 


I.  2011 


That’s  a  Wrap! 


because  one  of  ttie  latdwig  pins  had 
been  bent  - 1  discovered  that  the  user 
had  not  botheied  to  log  out  or  sh<x 
down.  The  laptop  was  showing  that  the 
login  was  locked  Idr  the  user.' 

Oh,  They’ll  Know 

New-kHhe-conipartv  pkot  hsh  Is  stM 
learning  the  ropes  tdien  he's  promoted 
to  supervisor.  "Shortly  alter  I  assumed 
supervisor  lesponsMty.  one  of  the  staff 
submits  his  resignalion  letter.' fish  says. 
'I  Starr  the  process  to  ensure  a  dean 
handKiff  of  tasks.  I  ask  my  boss  If  he's 
going  R)  send  a  notice  to  the  staff  an¬ 


nouncing  the  resignation,  or  if  I  should. 
Boss's  response: 'We  donl  announce 
resignations.' This  could  make  the  going- 
away  luncheon,  wen.  inleresfirtg." 

Secure.  Right. 

Plot  fbh  is  tasked  with  writing  login  ac¬ 
cess  code  lor  a  university's  new  service. 
1  was  able  to  provide  a  secure  login 
with  password-checking.'  fish  says.  "But 
I  poimed  out  that  it  wouldn't  provide 
actual  security.  According  to  the  spec 
I  was  given,  a  successful  login  would 
redked  to  a  URL  that  could  easky  be 


bymakmgrtanHTTPS 
URL  At  least  the  spoofable  login  will  be 
transmitted  securelv.' 

Get  the  Hint? 

Users  in  this  organization  have  been 
clamoring  for  rr  to  let  them  access 
email  using  their  phones  for  years - 
and  finally  it's  happening.  "We  had  to 
sign  the  appropriate  documents  and 
return  them."  says  a  pilot  fish  on  the 
watting  list  "We  were  then  informed; 
'You  wrU  know  your  account  is  ready  fO 
mobile  access  when  your  Outlook  Web 
Access  changes.  No  one  will  notify  you 
of  this  change.  It  will  occur  sometime 
in  June  or  July.  These  instructions  are 
provided  to  you  so  that  you  may  set  up 
your  phone  when  the  change  occurs.' 

I  couldn't  make  this  up  if  I  tried:  no  set 
date,  no  detailed  Instruct'rons.  the  only 
notification  is  some  sort  of  change 


IT  Sharky's  blog,  browse  the  Sharkives  and  sign  up  for  home  deUverv  at  coiiiputerworW.c»iiiykliai*y. 


AM 

tmmama 

_fr\\ 

lit  ANALYTICS  PERSPECTIVES 

ww«|)ipersHctivesxoiii/iingaziiie 


Attend  the  Bl  &  Analytics  Perspectives  2011 
conference  and  discover  how  savvy  enterprises  are 
transforming  their  businesses  with  cutting-edge  data 
gathering,  managing,  mining  and  analysis. 

This  conference  features  sessions  that  go  beyond 
basic  Business  intelligence  to  discussions  on  predictive 
analytics  and  the  challenges  of  harnessing  the  power  of 
Big  Data  and  Mobile  Bl. 


September  18<20, 2011 

Wigwam  Resort 
i  Phoenix,  Arizona 


Topics  addressed  include: 

►  More  effectively  leveraging  social  media  data 
to  enable  real  time  decisions 

Integrating  Mobile  Bl  and  aligning  Bl  assets  to 
grow  the  business 

h  Using  Bl  for  collaborative  decision  making  across 
the  enterprise 


Analyzing  the  Present, 
Anticipating  the  Future, 
Optimizing  Business  Value 


OPINION 


Ifynitedifting 

akmgiiiilhthe 

tedinological- 

dianeeanait, 

ateyouspendig 

anyttnedra^ 

amduskmd 


editor  in  chief.  YOU  can 
contact  him  at  sfinniea 
coniputeniW)rid.com 


IT’S  Not  in  Kansas  Anymore 


W  OU  MAY  NOT  BE  conscious  of  it,  but  tech  has  shifted  several  de- 
J  grees  in  the  2000s.  Trends  such  as  server  virtualization  and  cloud 
mmpiting  didn’t  exactly  creep  ly  mi  us.  It’s  a  good  idea  to  chart  some 
of  the  more  notable  developments  to  keep  things  in  perspective. 


the  posability  of  it  takiiig  im&ir  advantage  of 

9.  Chtaat  Hipercoiliputin.  A  Chinese  system 
topped  the  November  2010  ranking  of  the  world’s 
fastest  supetcomputers.  h  was  a  first  for  China, 
which  to^  the  spot  held  by  the  U.S.  since  2002. 

(A  Japanese  system  moved  into  first  place  last 
month,  but  Chiiu  has  two  of  the  top  five  spots.) 

a.  GMnI  MitsaiNndlig.  Although  it  began  much 
earlier,  global  outsourcing  has  had  a  much  greater 
effect  since  the  turn  of  the  century.  Purchasing  IT 
services  from  third  parties  goes  hand  in  hand  with 
the  rapidly  changing  role  of  IT  in  business. 

7.  S«r*tr  vlitiialtaatiMl.  Although  it  wasn't 
widely  recognized  at  the  time,  the  2001  release 
of  VMware’s  first  server  product  was  a  landmark 
event.  Server  virtualization  has  revolutionized  the 
way  IT  purchases  and  provisions  server  harsqxnver. 

t.  OnIm  parcfexlHg.  A  decade  or  more  after  its 
birth,  ecommerce  has  become  pervasive  enough 
to  be  a  little  mundane.  For  businesses,  buying 
commodity  goods  and  services  no  requires 

laborious  research  and  paperwork. 

&  dMitf  CMlvathig.  At  least  soiw  rr  shops  are 

from  the  likes  of  Amazon  and  Google.  Many 
companies  source  IT  applications  out  of  the  cloud. 
Cloud  computing,  like  ^oial  outsourcing,  is  a 
natural  extension  of  ITs  new  mission;  to  focus  on 


It  increasing  profit. 

C  Hm  CMWMtrixatlN  ft  IT.  The  most  notable 


digital  cameras,  GPS,  imline/mobile  video, 
wireless  broadband  and  lightweight,  Wdidiased 
apps  —  ate  all  present  in  taUets  and  smartphones. 
Because  these  devices  let  people  take  work  with 
them  wherever  they  go,  productivity  is  soaring. 


to  rdy  on  that  productivity.  The  result  is  an 
userslriven  tedinology  revolution. 

3.  TKh  maitut  caps.  It’s  still  difiScuk  to  believe 
that  Apple  is  the  second-largest  company  in  the 
US.  and  the  higbestvahied  tech  company.  Micro¬ 
soft  and  IBM  are  neck  and  neck,  trailing  Apple  by 
$ioo  billion.  What  akemative  universe  is  this? 

2.  Tach  IPOs.  Pandora  and  Linkedin  are  just 
two  of  the  tech  companies  that  have  gone  public 
recently,  with  Zynga,  Groupon  and  UvingSodal 
expected  to  join  them  soon.  Coming  iq>:  Yelp, 
Facriiook  and  Twitter.  There’s  a  specific  tre^  to 
this  spate  of  tech  IPOs:  They’re  aU  Internet  ser¬ 
vices,  and  many  are  social  networking  sites. 

L  Social  BttNniMHf.  Social  netwoiking  and 
mobUeappsarethesaftwaiesideoftheoonsumer- 
ization  of  IT.  Remember  the  expression  “k’s  not  what 
you  know,  it’s  who  you  kno«??  Social  netwoddng 
rewrites  the  rules  of  bow  you  get  to  know  people. 

Many  of  us  who  have  worlod  in  or  near  the 
tech  industry  have  a  tendency  to  go  with  the  flow 
of  the  rapid  pace  of  technological  cbar^.  But  if 
you’re  drifti^  along  with  the  current,  are  you 
spending  any  time  drawing  conclusions? 

For  examyde,  the  consumerization  of  IT  is  a 
transformatiooal  change,  not  a  fad.  Social  net¬ 
working  isn't  a  useless  timewaster.  These  trends 
lepresentawfaolenewwayofgatheringinfonna- 
tion,  staying  up  to  date  on  the  job  and  doing  busi¬ 
ness.  If  you’re  not  living  it  yet.  you  win  be.  • 


36  COaPHTENWONLP  Jl 


THE7TH  CIRCLE 
OF  UPGRADE  HELL. 


s 


SOLVED. 


